<!DOCTYPE HTML>
<html lang="en" >
    
    <head>
        
        <meta charset="UTF-8">
        <meta http-equiv="X-UA-Compatible" content="IE=edge" />
        <title>CSRF | 欢迎学习django课程</title>
        <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
        <meta name="description" content="">
        <meta name="generator" content="GitBook 2.6.7">
        
        
        <meta name="HandheldFriendly" content="true"/>
        <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
        <meta name="apple-mobile-web-app-capable" content="yes">
        <meta name="apple-mobile-web-app-status-bar-style" content="black">
        <link rel="apple-touch-icon-precomposed" sizes="152x152" href="../gitbook/images/apple-touch-icon-precomposed-152.png">
        <link rel="shortcut icon" href="../gitbook/images/favicon.ico" type="image/x-icon">
        
    <link rel="stylesheet" href="../gitbook/style.css">
    
        
        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-highlight/website.css">
        
    
        
        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-search/search.css">
        
    
        
        <link rel="stylesheet" href="../gitbook/plugins/gitbook-plugin-fontsettings/website.css">
        
    
    

        
    
    
    <link rel="next" href="../part4/6.html" />
    
    
    <link rel="prev" href="../part4/4.html" />
    

        
    </head>
    <body>
        
        
    <div class="book"
        data-level="4.4"
        data-chapter-title="CSRF"
        data-filepath="part4/5.md"
        data-basepath=".."
        data-revision="Tue Jan 03 2017 08:43:08 GMT+0800 (CST)"
        data-innerlanguage="">
    


    <div class="book-body">
        <div class="body-inner">

            <div class="page-wrapper" tabindex="-1" role="main">
                <div class="page-inner">
                
                
                    <section class="normal" id="section-">
                    
                        <h1 id="csrf">csrf</h1>
<ul>
<li>&#x5168;&#x79F0;Cross Site Request Forgery&#xFF0C;&#x8DE8;&#x7AD9;&#x8BF7;&#x6C42;&#x4F2A;&#x9020;</li>
<li>某些恶意网站上包含链接、表单按钮或者JavaScript，它们会利用登录过的用户在浏览器中的认证信息（例如浏览器随请求自动发送的会话cookie）试图在你的网站上完成某些操作，这就是跨站请求伪造攻击</li>
<li>&#x6F14;&#x793A;csrf&#x5982;&#x4E0B;</li>
<li>&#x521B;&#x5EFA;&#x89C6;&#x56FE;csrf1&#x7528;&#x4E8E;&#x5C55;&#x793A;&#x8868;&#x5355;&#xFF0C;csrf2&#x7528;&#x4E8E;&#x63A5;&#x6536;post&#x8BF7;&#x6C42;</li>
</ul>
<pre><code>def csrf1(request):
    """Render booktest/csrf1.html, the page that holds the demo form."""
    return render(request,&apos;booktest/csrf1.html&apos;)
def csrf2(request):
    """Echo the posted ``uname`` field back through booktest/csrf2.html.

    The view only reads the submitted value and renders it. Indexing
    request.POST directly raises MultiValueDictKeyError when ``uname`` is
    absent, for example when the URL is opened with GET.
    """
    uname=request.POST[&apos;uname&apos;]
    return render(request,&apos;booktest/csrf2.html&apos;,{&apos;uname&apos;:uname})
</code></pre><ul>
<li>&#x914D;&#x7F6E;url</li>
</ul>
<pre><code>url(r&apos;^csrf1/$&apos;, views.csrf1),
url(r&apos;^csrf2/$&apos;, views.csrf2),
</code></pre><ul>
<li>&#x521B;&#x5EFA;&#x6A21;&#x677F;csrf1.html&#x7528;&#x4E8E;&#x5C55;&#x793A;&#x8868;&#x5355;</li>
</ul>
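<pre><code>&lt;html&gt;
&lt;head&gt;
    &lt;title&gt;Title&lt;/title&gt;
&lt;/head&gt;
&lt;body&gt;
{# Deliberately has no csrf_token tag yet: this is the unprotected form used for the demo. #}
{# action points at the csrf2 view (URL pattern ^csrf2/$). #}
&lt;form method=&quot;post&quot; action=&quot;/csrf2/&quot;&gt;
    &lt;input name=&quot;uname&quot;&gt;&lt;br&gt;
    &lt;input type=&quot;submit&quot; value=&quot;&#x63D0;&#x4EA4;&quot;/&gt;
&lt;/form&gt;
&lt;/body&gt;
&lt;/html&gt;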
</code></pre><ul>
<li>&#x521B;&#x5EFA;&#x6A21;&#x677F;csrf2&#x7528;&#x4E8E;&#x5C55;&#x793A;&#x63A5;&#x6536;&#x7684;&#x7ED3;&#x679C;</li>
</ul>
<pre><code>&lt;html&gt;
&lt;head&gt;
    &lt;title&gt;Title&lt;/title&gt;
&lt;/head&gt;
&lt;body&gt;
{# uname is the value the csrf2 view read from the POST body; Django's template autoescaping (on by default) HTML-escapes it on output. #}
{{ uname }}
&lt;/body&gt;
&lt;/html&gt;
</code></pre><ul>
<li>&#x5728;&#x6D4F;&#x89C8;&#x5668;&#x4E2D;&#x8BBF;&#x95EE;&#xFF0C;&#x67E5;&#x770B;&#x6548;&#x679C;&#xFF0C;&#x62A5;&#x9519;&#x5982;&#x4E0B;&#xFF1A;</li>
</ul>
<p><img src="images/csrf1.png" alt="csrf1"></p>
<ul>
<li>将settings.py中的中间件代码&apos;django.middleware.csrf.CsrfViewMiddleware&apos;注释（仅用于在本地开发环境中演示；这会关闭由该中间件提供的全站CSRF校验，演示结束后应恢复该中间件）</li>
<li>&#x67E5;&#x770B;csrf1&#x7684;&#x6E90;&#x4EE3;&#x7801;&#xFF0C;&#x590D;&#x5236;&#xFF0C;&#x5728;&#x81EA;&#x5DF1;&#x7684;&#x7F51;&#x7AD9;&#x5185;&#x5EFA;&#x4E00;&#x4E2A;html&#x6587;&#x4EF6;&#xFF0C;&#x7C98;&#x8D34;&#x6E90;&#x7801;&#xFF0C;&#x8BBF;&#x95EE;&#x67E5;&#x770B;&#x6548;&#x679C;</li>
</ul>
<h4 id="&#x9632;csrf&#x7684;&#x4F7F;&#x7528;">&#x9632;csrf&#x7684;&#x4F7F;&#x7528;</h4>
<ul>
<li>&#x5728;django&#x7684;&#x6A21;&#x677F;&#x4E2D;&#xFF0C;&#x63D0;&#x4F9B;&#x4E86;&#x9632;&#x6B62;&#x8DE8;&#x7AD9;&#x653B;&#x51FB;&#x7684;&#x65B9;&#x6CD5;&#xFF0C;&#x4F7F;&#x7528;&#x6B65;&#x9AA4;&#x5982;&#x4E0B;&#xFF1A;</li>
<li>step1&#xFF1A;&#x5728;settings.py&#x4E2D;&#x542F;&#x7528;&apos;django.middleware.csrf.CsrfViewMiddleware&apos;&#x4E2D;&#x95F4;&#x4EF6;&#xFF0C;&#x6B64;&#x9879;&#x5728;&#x521B;&#x5EFA;&#x9879;&#x76EE;&#x65F6;&#xFF0C;&#x9ED8;&#x8BA4;&#x88AB;&#x542F;&#x7528;</li>
<li>step2：在csrf1.html中添加标签（只用于提交到本站地址的POST表单；提交到外部地址的表单不要加入该标签，否则令牌会随表单发送给对方站点）</li>
</ul>
<pre><code>&lt;form&gt;
{% csrf_token %}
...
&lt;/form&gt;
</code></pre><ul>
<li>step3&#xFF1A;&#x6D4B;&#x8BD5;&#x521A;&#x624D;&#x7684;&#x4E24;&#x4E2A;&#x8BF7;&#x6C42;&#xFF0C;&#x53D1;&#x73B0;&#x8DE8;&#x7AD9;&#x7684;&#x8BF7;&#x6C42;&#x88AB;&#x62D2;&#x7EDD;&#x4E86;&#xFF0C;&#x6548;&#x679C;&#x5982;&#x4E0B;&#x56FE;</li>
</ul>
<p><img src="images/csrf2.png" alt="csrf2"></p>
<h4 id="&#x53D6;&#x6D88;&#x4FDD;&#x62A4;">&#x53D6;&#x6D88;&#x4FDD;&#x62A4;</h4>
<ul>
<li>如果某些视图不需要保护，可以使用装饰器csrf_exempt，模板中也不需要写标签，修改csrf2的视图如下（被豁免的视图会接受来自任何站点的POST请求，因此只应用于不依赖浏览器cookie认证、或以其他方式校验请求的接口）</li>
</ul>
<pre><code>from django.views.decorators.csrf import csrf_exempt

# csrf_exempt switches off the CsrfViewMiddleware check for this one view,
# so a POST is accepted whether or not it carries a valid token.
@csrf_exempt
def csrf2(request):
    uname=request.POST[&apos;uname&apos;]
    return render(request,&apos;booktest/csrf2.html&apos;,{&apos;uname&apos;:uname})
</code></pre><ul>
<li>&#x8FD0;&#x884C;&#x4E0A;&#x9762;&#x7684;&#x4E24;&#x4E2A;&#x8BF7;&#x6C42;&#xFF0C;&#x53D1;&#x73B0;&#x90FD;&#x53EF;&#x4EE5;&#x8BF7;&#x6C42;</li>
</ul>
<h4 id="&#x4FDD;&#x62A4;&#x539F;&#x7406;">&#x4FDD;&#x62A4;&#x539F;&#x7406;</h4>
<ul>
<li>&#x52A0;&#x5165;&#x6807;&#x7B7E;&#x540E;&#xFF0C;&#x53EF;&#x4EE5;&#x67E5;&#x770B;&#x6E90;&#x4EE3;&#x7801;&#xFF0C;&#x53D1;&#x73B0;&#x591A;&#x4E86;&#x5982;&#x4E0B;&#x4EE3;&#x7801;</li>
</ul>
<pre><code>&lt;input type=&apos;hidden&apos; name=&apos;csrfmiddlewaretoken&apos; value=&apos;nGjAB3Md9ZSb4NmG1sXDolPmh3bR2g59&apos; /&gt;
</code></pre><ul>
<li>&#x5728;&#x6D4F;&#x89C8;&#x5668;&#x7684;&#x8C03;&#x8BD5;&#x5DE5;&#x5177;&#x4E2D;&#xFF0C;&#x901A;&#x8FC7;network&#x6807;&#x7B7E;&#x53EF;&#x4EE5;&#x67E5;&#x770B;cookie&#x4FE1;&#x606F;</li>
<li>&#x672C;&#x7AD9;&#x4E2D;&#x81EA;&#x52A8;&#x6DFB;&#x52A0;&#x4E86;cookie&#x4FE1;&#x606F;&#xFF0C;&#x5982;&#x4E0B;&#x56FE;</li>
</ul>
<p><img src="images/csrf3.png" alt="csrf3"></p>
<ul>
<li>查看跨站的信息，并没有cookie信息，但在跨站页面中加入上面的隐藏域代码后，发现又可以访问了</li>
<li>结论：django的csrf不是完全的安全。需要注意，这个实验里隐藏域的值是从自己浏览器中本站页面的源代码里复制出来的；真实的第三方站点受同源策略限制，读不到受害者页面中的令牌和本站的cookie，因此无法填出匹配的值。这种保护依赖令牌不被泄露：如果站点存在XSS漏洞，或把令牌写进了提交到外部地址的表单，保护就会失效</li>
<li>&#x5F53;&#x63D0;&#x4EA4;&#x8BF7;&#x6C42;&#x65F6;&#xFF0C;&#x4E2D;&#x95F4;&#x4EF6;&apos;django.middleware.csrf.CsrfViewMiddleware&apos;&#x4F1A;&#x5BF9;&#x63D0;&#x4EA4;&#x7684;cookie&#x53CA;&#x9690;&#x85CF;&#x57DF;&#x7684;&#x5185;&#x5BB9;&#x8FDB;&#x884C;&#x9A8C;&#x8BC1;&#xFF0C;&#x5982;&#x679C;&#x5931;&#x8D25;&#x5219;&#x8FD4;&#x56DE;403&#x9519;&#x8BEF;</li>
</ul>

                    
                    </section>
                
                
                </div>
            </div>
        </div>

        
        
    </div>
</div>

        

        
    </body>
    
</html>
